See also: IRC log
<keiji> 648 986 475
<scribe> scribe: JoeHallCDT
err
<scribe> scribeNick: JoeHallCDT
<wseltzer> present=
<wseltzer> present=keiji,Christine,JoeHallCDT,wseltzer
<tara> Simon if you are on WebEx - do you have audio?
christine: first agenda item, welcome and introductions
Craig Spiezle of OTA introduces himself
?? was going to solicit comments from PING and compile them
<christine> marta from Blockstream
there is something in github, but not sure there have been much interaction with that
<npdoty> I don't see wake-lock in Github
<npdoty> ah, I see the pull request now
I didn't know we had wake-lock on our plates
tara: seems to be a PR from Marta
<npdoty> https://github.com/martasect/ping/blob/af74fb50958671f248b521f215a9b953019ec6cc/wake-lock-privacy.md
<wseltzer> https://github.com/w3c/ping
tara: folks from wake-lock
presented at the last PING telecon
... combination of privacy and security sections in their
document
... particularly interested in side channel risks
... e.g., use another API that would cause a wake
... Marta had asked if people could look at and comment, she
would welcome that input
... they wanted feedback by the end of August
<christine> webex - http://mit.webex.com/mit/j.php?MTID=meda7c1b71d647aefa4377d4610c67648
wseltzer: how would this group
like to manage it's github repo?
... we have WG groups working on specs, editors approve of PRs,
anyone can comment/make PRs
... whomever authors a document could accept pull requests on a
document
... q: should we accept the PR from Marta to start the
discussion on wake-lock
npdoty: we've been doing separate
repos for separate spec-like documents
... that makes sense to track issues, etc., specific to those
lines of work
... sounds fine with me
Christine: anyone have problems with that? (no one did.)
<npdoty> can use the single PING github repo for gathering feedback documents, reviews, etc., which I think the TAG has also been doing
Christine: we should help Marta
by indicating we'll collectively take a look
... and some of us can help deal with any learning curves for
github (marshal email ffeedback into the repo)
... Marta is concerned about any issues about making sure the
wake-lock can be narrowed to specific applications
... please have a look and share thoughts on the email list
npdoty: deadline is end of August?
tara: when the original email request came out, they said in passing they'd like comments by the end of August
christine: even if we can't reach
consensus in time as PING, it's very helpful for them to have
individual feedback
... so they can incorp. into securit and privacy
considerations
<christine> Agenda item 3 - Fingerprinting guidance
christine: reached out to IETF
IAB privsec program, invited them to review it and give
feedback
... have they been in touch with you?
npdoty: haven't heard anything
back.
... we did get back to the TAG, and now I have some more issues
from them
christine: is the next step to take into account comments from TAG
is this before a formal group note, or did we do that?
<npdoty> https://github.com/w3ctag/spec-reviews/issues/38#issuecomment-236352266
npdoty: the last rev tried to take care of all of our issues
<npdoty> https://github.com/w3c/fingerprinting-guidance/issues/13
<npdoty> https://github.com/w3c/fingerprinting-guidance/issues/12
npdoty: feedback from TAG was considerably longer, so we'll want to look at those
<npdoty> https://github.com/w3c/fingerprinting-guidance/issues/6
npdoty: these issues (links here)
are harder for npdoty to deal with himself
... I could use help in making the document more
actionable
... decision tree, Q&A style response, so that it would be
useful to engineers who want to try to incorporate guidance
into their own work
... would be helpful to get feeback from folks that could apply
the guidance to their own document
... and get back feedback on "this was helpful" or "here is
what helped me in my own document"
... this is issue 13 and is the hardest… we need some good
ideas/advice here in terms of actionability
christine: solution: (?) send an
email to the PING list to focus people's attention on those
three issues
... we can check with the chairs to see if we can find someone
to help you with actionability
npdoty: that would work, we could also take fingerprinting document into the next review we do
<chaals> [+1 to npdoty's idea of "field-testing]
christine: wake-lock is probably not a good candidate (not really.)
npdoty: any of the sensors work should be good
christine: Lucasz would be
helpful? (maybe)
... let's see if we can think of someone to help Nick and what
would be a good field test
... will take it to the list
1+
<tara> Thanks Nick!
JoeHallCDT: is this yet a group note?
christine: it's a draft group note with the ambition of being a group note?
npdoty: yes, the thing we are calling a draft group note was out for feedback and we want to wrap that up
JoeHallCDT: we can give IAB program a few weeks for feeback
<christine> Agenda item 4: Privacy questionnaire
christine: apologies, I need to
find time to chase people up about this
... will try to jumpstart interest in it by picking a piece of
it to have a discussion on the email list
... they may be a bit daunted by looking at the whole document,
so let's carve off smaller more interesting bits for
discussion
npdoty: Greg, I think we had some discussion on the list about some common cross-origin problems
gnorcie: thinking less about fingerprinting but more about cross-origin leaks and stuff
<npdoty> https://github.com/gregnorc/ping-privacy-questions/issues
npdoty: will raise an issue
TPAC! TPAC! TPAC!
<christine> Agenda item - TPAC
tara: we now have a meeting for
PING on Tuesday of TPAC
... tried to not have conflicts with WebAppSec, etc.
... no agenda just yet (Joe has not been helpful there!)
I'll be there!
<keiji> I will
<npdoty> Nick regrets, but would like to call in if possible
<christine> Christine, regrets too
tara: we have set up A/V to
accommodate remote participatoin
... we need to identify what would be the most productive to
work on in the f2f meeting
... privacy questionnaire, would that be helpful, Christine?
(yes.)
... can evaluate the state of fingerpriting guidance at that
time
... last time we had presentations from other WGs
... if there is anything else we want to bring up feel free
<npdoty> I think presentation from groups and identification of common issues raised in other working groups is very useful at TPAC
tara: will send out a note to the list with draft agenda, solicitiing topics
npdoty: meeting on Tuesday is
different than what we've done usually…
... won't be able to do what we've done in the past in terms of
"here are things we've seen this week"
tara: that's a good point, will want to touch base after the meeting for that purpose too
<npdoty> (what time of the day will the meeting be in Europe? and what timezone?)
<npdoty> 4 October, maybe?
JoeHallCDT: we could have a PING call the week after TPAC
4 Oct WFM
that's a tuesday, just note
tara: Tuesday meeting is all-day, Lisbon time (08:30-18:00 local time)
lisbon is GMT, I think
<npdoty> 1am to 9am Pacific Time?
christine: web privacy news!!!
<christine> Agenda item - web privacy news
christine: developments
terrifying or otherwise?
... Lucasz had sent a link around about CSS hijacking
<tara> To respond to Nick - yes, that timezone is about right; 1am to 10am PT, which suggests having later afternoon TPAC-time for items relevant to West Coat USA folks!
<gnorcie> URL: https://github.com/jlund/streisand
<npdoty> tara, either first thing in the morning, or late in the afternoon would work well for me
<chaals> [thanks all. Sorry about not being able to attend the meeting at TPAC, but I'll see some of you there I hope]
This is scribe.perl Revision: 1.144 of Date: 2015/11/17 08:39:34 Check for newer version at http://dev.w3.org/cvsweb/~checkout~/2002/scribe/ Guessing input format: RRSAgent_Text_Format (score 1.00) Succeeded: s/Blockchain/Blockstream/ Found Scribe: JoeHallCDT Inferring ScribeNick: JoeHallCDT Found ScribeNick: JoeHallCDT WARNING: No "Topic:" lines found. WARNING: Replacing previous Present list. (Old list: wseltzer, tara, weiler, christine, Andrey_Logvinov, Barry_Leiba, marta, mikeoneill, terri, keiji, npdoty) Use 'Present+ ... ' if you meant to add people without replacing the list, such as: <dbooth> Present+ keiji, Christine, JoeHallCDT, wseltzer, npdoty Present: keiji Christine JoeHallCDT wseltzer npdoty craig_spiezle gnorcie chaals Regrets: weiler WARNING: No meeting chair found! You should specify the meeting chair like this: <dbooth> Chair: dbooth Got date from IRC log name: 25 Aug 2016 Guessing minutes URL: http://www.w3.org/2016/08/25-privacy-minutes.html People with action items: WARNING: Input appears to use implicit continuation lines. You may need the "-implicitContinuations" option. WARNING: No "Topic: ..." lines found! Resulting HTML may have an empty (invalid) <ol>...</ol>. Explanation: "Topic: ..." lines are used to indicate the start of new discussion topics or agenda items, such as: <dbooth> Topic: Review of Amy's report[End of scribe.perl diagnostic output]